diff options
-rw-r--r-- | meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple | 4 | ||||
-rw-r--r-- | meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb | 18 |
2 files changed, 22 insertions, 0 deletions
diff --git a/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple b/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple new file mode 100644 index 0000000..38ca8f5 --- /dev/null +++ b/meta-integrity/recipes-security/ima_policy_simple/files/ima_policy_simple | |||
@@ -0,0 +1,4 @@ | |||
1 | # Very simple policy demonstrating the systemd policy loading bug | ||
2 | # (policy with one line works, two lines don't). | ||
3 | dont_appraise fsmagic=0x9fa0 | ||
4 | dont_appraise fsmagic=0x62656572 | ||
diff --git a/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb new file mode 100644 index 0000000..17132aa --- /dev/null +++ b/meta-integrity/recipes-security/ima_policy_simple/ima-policy-simple_1.0.bb | |||
@@ -0,0 +1,18 @@ | |||
1 | SUMMARY = "IMA sample simple policy" | ||
2 | LICENSE = "MIT" | ||
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
4 | |||
5 | # This policy file will get installed as /etc/ima/ima-policy. | ||
6 | # It is located via the normal file search path, so a .bbappend | ||
7 | # to this recipe can just point towards one of its own files. | ||
8 | IMA_POLICY ?= "ima_policy_simple" | ||
9 | |||
10 | SRC_URI = " file://${IMA_POLICY}" | ||
11 | |||
12 | do_install () { | ||
13 | install -d ${D}/${sysconfdir}/ima | ||
14 | install ${WORKDIR}/${IMA_POLICY} ${D}/${sysconfdir}/ima/ima-policy | ||
15 | } | ||
16 | |||
17 | FILES_${PN} = "${sysconfdir}/ima" | ||
18 | RDEPENDS_${PN} = "ima-evm-utils" | ||